mirror of
https://github.com/ansible/awx-operator.git
synced 2026-03-26 21:33:14 +00:00
5fb6bb7519
Bump operator-sdk, ansible-operator, and OPM binaries to align with the OCP 4.20 / AAP 2.7 target. Replace the deprecated kube-rbac-proxy sidecar (removed in operator-sdk v1.38.0) with controller-runtime's built-in WithAuthenticationAndAuthorization for metrics endpoint protection. Changes: - Makefile: operator-sdk v1.36.1 → v1.40.0, OPM v1.26.0 → v1.55.0 - Dockerfile: ansible-operator base image v1.36.1 → v1.40.0 - Remove kube-rbac-proxy sidecar and auth_proxy_* RBAC manifests - Add metrics_auth_role, metrics_reader, and metrics_service resources - Add --metrics-secure, --metrics-require-rbac, --metrics-bind-address flags via JSON patch to serve metrics directly from the manager on port 8443 with TLS and RBAC authentication Ref: AAP-65254 Authored By: Christian M. Adams <chadams@redhat.com> Assisted By: Claude
31 lines
740 B
YAML
31 lines
740 B
YAML
# Adds namespace to all resources.
|
|
namespace: awx
|
|
|
|
# Value of this field is prepended to the
|
|
# names of all resources, e.g. a deployment named
|
|
# "wordpress" becomes "alices-wordpress".
|
|
# Note that it should also match with the prefix (text before '-') of the namespace
|
|
# field above.
|
|
namePrefix: awx-operator-
|
|
|
|
# Labels to add to all resources and selectors.
|
|
#labels:
|
|
#- includeSelectors: true
|
|
# pairs:
|
|
# someName: someValue
|
|
|
|
resources:
|
|
- ../crd
|
|
- ../rbac
|
|
- ../manager
|
|
# [PROMETHEUS] To enable prometheus monitor, uncomment all sections with 'PROMETHEUS'.
|
|
#- ../prometheus
|
|
- metrics_service.yaml
|
|
|
|
apiVersion: kustomize.config.k8s.io/v1beta1
|
|
kind: Kustomization
|
|
patches:
|
|
- path: manager_metrics_patch.yaml
|
|
target:
|
|
kind: Deployment
|